NVD

Id
43945  
Name
CVE-2012-2096  
Description
The Fivestar module 6.x-1.x before 6.x-1.20 for Drupal does not properly validate voting data, which allows remote attackers to manipulate voting averages via a negative value in the vote parameter.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2012-08-14  
Modified Date
2012-08-15  
Seq
2012-2096  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
220738 43945 CVE-2012-2096 http://drupal.org/node/1528600  View
220739 43945 CVE-2012-2096 http://drupal.org/node/1528614  View
220740 43945 CVE-2012-2096 http://drupalcode.org/project/fivestar.git/commitdiff/75dba2c  View
220741 43945 CVE-2012-2096 [oss-security] 20120411 CVE Request for Drupal Contributed Advisories on 2012-04-11  View
220742 43945 CVE-2012-2096 [oss-security] 20120411 Re: CVE Request for Drupal Contributed Advisories on 2012-04-11  View
220743 43945 CVE-2012-2096 52984  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27969 JVNDB-2012-003676 Drupal 用 Fivestar モジュールにおける投票の平均を操作される脆弱性 Drupal 用 Fivestar モジュールは、投票データを適切に検証しないため、投票の平均を操作される脆弱性が存在します。 CVE-2012-2096 55334 CVE-2012-2096 43945 5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003676.html 2012-04-11 2012-08-17 View